SSH, also known as a “Secure Shell Protocol,” is a protocol used to access a remote Linux system securely over an unsecured network via the command-line interface. SSH allows users to run commands on remote Linux servers, install and remove software packages, and manage everything via command line from a single place.
If you are a Linux system administrator and managing multiple servers via SSH, then you may need to provide a root password each time when you connect to the remote server. Remembering passwords for thousands of servers is very difficult for an administrator. In this case, you can use an SSH public and private key pair to connect remote servers without entering a password.
In this post, we will show you how to create a public and private key and set up a Linux server for passwordless login.
- A server running Linux on the Atlantic.Net Cloud Platform
- A root password configured on your server
Create Atlantic.Net Cloud Server
First, log in to your Atlantic.Net Cloud Server. Create a new server, choosing any Linux operating system with at least 1GB RAM. Connect to your Cloud Server via SSH and log in using the credentials highlighted at the top of the page.
Create a Public and Private SSH Key Pair
First, you will need to create a public and private key in your local Linux machine. You can use the ssh-keygen command to generate an RSA key pair.
ssh-keygen -t rsa
You will be asked to define the path to save the key files:
Generating public/private rsa key pair.
Enter file in which to save the key (/home/vyom/.ssh/id_rsa):
Just press the Enter key to save the key files in the default location. You will be asked to set a passphrase:
Enter passphrase (empty for no passphrase):
Just press the Enter key to leave it empty. Once the key files are generated, you will get the following output:
Your identification has been saved in /home/vyom/.ssh/id_rsa.
Your public key has been saved in /home/vyom/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:Osc1pEf3PGhYBuDiofx7GG6qbjo1+6Z4rxdcTxdeYsg [email protected]
The key's randomart image is:
| ..o. |
| .E +.. |
| o .oo++ |
| . o.o.+o= + |
| .o..oS.= o + |
| o o..o.o o . |
| . o o+oo |
|..+ o ++. |
You can now list both public and private key files using the following command:
ls -l .ssh/
You will get both files in the following output:
-rw------- 1 vyom vyom 1679 Apr 13 10:16 id_rsa
-rw-r--r-- 1 vyom vyom 393 Apr 13 10:16 id_rsa.pub
-rw-r--r-- 1 vyom vyom 8212 Apr 13 09:36 known_hosts
Copy SSH Public Key to the Remote Server
Next, you will need to copy the public key (id_rsa.pub) file to the remote server that you want to manage from your local machine.
You can run the ssh-copy-id command to copy the public key to the remote server:
ssh-copy-id [email protected]
You will be asked to provide the password of the remote server to copy the public key to the remote server:
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
[email protected]'s password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '[email protected]'"
and check to make sure that only the key(s) you wanted were added.
Connect to Remote Server Without Password
At this point, the public key is copied to the remote server. You are now able to connect to the remote server without providing a password.
ssh [email protected]
Once you are logged in to the remote server, you will get the following output:
Activate the web console with: systemctl enable --now cockpit.socket
Last failed login: Wed Apr 13 04:39:07 UTC 2022 from 184.108.40.206 on ssh:notty
There were 2 failed login attempts since the last successful login.
Last login: Wed Apr 13 04:06:28 2022 from 220.127.116.11
[[email protected] ~]#
In this post, we explained how to create the public and private keys, copied the public key to a remote server, and accessed the remote Linux server without a password. Hopefully, this will save you a lot of time while managing multiple remote servers. Try it on VPS hosting from Atlantic.Net!